Scribo

Privacy Policy

Effective Date: April 18, 2026

At Scribo AI, we take your privacy and the privacy of your customers seriously. This Privacy Policy explains how we collect, use, protect, and handle personal data when you use our AI missed-call recovery service.

Information We Collect

  • Business information: Company name, contact details, billing information, and scheduling calendar access (when you connect Google Calendar, Outlook, or your CRM).
  • Customer conversation data: SMS and WhatsApp messages exchanged between your customers and our AI agent (including addresses, phone numbers, and service details).
  • Usage data: Logs of conversations, booking outcomes, and system performance to improve the service.

How We Use Your Data

We use this information to:

  • Deploy and operate your custom AI agent
  • Process missed calls and book appointments
  • Provide you with conversation summaries and notifications
  • Improve our AI through aggregated, anonymised learning (never using your specific customer data for training other clients)

Secure Data Handling & PII Redaction (Key Highlight)

We are committed to protecting sensitive customer information:

  • We never store sensitive information. All conversations use secure PII redaction technology (powered by our Glaivio framework) to automatically detect and scrub personally identifiable information such as full addresses, payment details, or other sensitive data before any data is processed or stored.
  • Redacted data is re-hydrated only locally when generating replies, ensuring privacy is maintained at all times.
  • Data is passed directly to your CRM. Customer information collected during conversations (such as contact details and booking information) is securely transmitted to your connected CRM system. We act as a pass-through and do not retain this sensitive data on our servers.
  • Conversations are stored securely with end-to-end encryption where possible.
  • We use enterprise-grade providers: Twilio and WhatsApp Business API for messaging.

We do not sell your data or your customers' data to third parties.

Data Sharing

We share data only with:

  • Necessary service providers (Twilio, calendar providers, hosting services) under strict data processing agreements.
  • Legal authorities only when required by law.

Your Rights (GDPR)

As a UK-based company, we comply with GDPR. You have the right to access, correct, delete, or restrict processing of your personal data. Contact us at the email below to exercise these rights.

Data Retention

We retain conversation logs only as long as needed to provide the service and for legitimate business purposes (typically up to 12 months), after which they are securely deleted or anonymised.

Security

We implement appropriate technical and organisational measures to protect your data, including encryption, access controls, and regular security reviews.

For the full details or questions, please contact us at: [email protected]